FreeBSD 3.1 remote reboot exploit

From: Jamie Rishaw (jamieat_private)
Date: Sat May 01 1999 - 01:18:40 PDT

Next message: Neale Banks: "Re: Possible Linuxconf Vulnerability"

Previous message: Patrick J. Volkerding: "Re: Possible Linuxconf Vulnerability"
Next in thread: Warner Losh: "Re: FreeBSD 3.1 remote reboot exploit"
Reply: Warner Losh: "Re: FreeBSD 3.1 remote reboot exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

  Sorry to be so vague, but I wanted to let everyone know,

  It's been demonstrated to me by two people who will not reveal "how"
that there is a remote bug exploit, almost certainly over IP, that will
cause FreeBSD-3.1 systems to reboot with no warnings.

  The second box this was demonstrated on today had no open services
besides ircd, and was remote rebooted.  (The first box had open services
such as smtp, ssh, pop, http, but did /not/ run ircd, eliminating ircd
as the culprit).

  If anyone can shed some light on this (really bad) issue, it'd be
greatly appreciated, especially since I am(was) in the process of
upgrading all of my boxes to 3.1. (3.1-REL).

  Regards,

-jamie
--
jamie rishaw (efnet:gavroche) -- Exodus Communications, Inc.
>Sr. Network Engr, Chicago, SoCal Data Centers
<jimmie> In an interesting move Exodus Communications annouced today that
         they have replaced all of their backbone engineers with furby's

Next message: Neale Banks: "Re: Possible Linuxconf Vulnerability"
Previous message: Patrick J. Volkerding: "Re: Possible Linuxconf Vulnerability"
Next in thread: Warner Losh: "Re: FreeBSD 3.1 remote reboot exploit"
Reply: Warner Losh: "Re: FreeBSD 3.1 remote reboot exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:39 PDT